Merge pull request #1509 from kostichs/patch-5

Update about-bare-metal-servers.md
G-Core · Jan 15, 2025 · 01fad1c · 01fad1c
2 parents 30224c5 + e31b664
commit 01fad1c
Showing 1 changed file with 20 additions and 0 deletions.
diff --git a/documentation/cloud/bare-metal-servers/about-bare-metal-servers.md b/documentation/cloud/bare-metal-servers/about-bare-metal-servers.md
@@ -113,3 +113,23 @@ The table below shows the key differences between our Bare Metal servers in <a h
 | Interaction with other Cloud services | Yes                                                                                                                                                                                                                                                    | No                                                                                                   |
 | Interaction with other Gcore services | Yes                                                                                                                                                                                                                                                    | No                                                                                                   |
 | Usability                             | Complex infrastructure, intensive workloads, possible traffic spikes, networks between Virtual and Bare Metal servers, interaction with other Cloud services (Load Balancers, Managed Kubernetes), internal virtualization and containers | Small- and medium-sized projects, simple web applications, predictable workloads, low budget |
+
+
+## ## Firewall feature not supported for Bare Metal servers
+
+Please note that the Firewall feature is not supported for Bare Metal servers. Unlike Virtual Machines or other cloud services that can easily integrate with cloud-native firewalls, Bare Metal servers operate directly on physical hardware and are not subject to the same level of firewall management.
+
+For network security, Bare Metal servers can use the following alternatives:
+*   You can manually configure network security using solutions like **iptables** or **nftables** (recommended) to protect your server at the network level. Other similar solutions can also be used to set up necessary firewall rules based on your security needs.
+
+```
+sudo iptables -A INPUT -p tcp --dport 22 -j ACCEPT
+sudo iptables -A INPUT -p tcp --dport 80 -j ACCEPT
+sudo iptables -A INPUT -p tcp --dport 443 -j ACCEPT
+sudo iptables -A INPUT -i lo -j ACCEPT
+sudo iptables -P INPUT DROP
+```
+
+*   For an additional layer of protection, opt for [Gcore DDoS Protection]([url](https://gcore.com/ddos-protection)) to keep your server available during attacks. DDoS Protection redirects traffic to the Threat Mitigation System (TMS), which performs filtering and threat detection, preventing service disruptions with its always-on mode.
+
+For more information, please [reach out to our support team]([url](https://gcore.com/contact-us)) for tailored DDoS Protection plans.